feat(sdk): Audit-Dashboard + RBAC-Admin Frontends, UCCA/Go Cleanup
- Remove 5 unused UCCA routes (wizard, stats, dsb-pool) from Go main.go - Delete 64 deprecated Go handlers (DSGVO, Vendors, Incidents, Drafting) - Delete legacy proxy routes (dsgvo, vendors) - Add LLM Audit Dashboard (3 tabs: Log, Nutzung, Compliance) with export - Add RBAC Admin UI (5 tabs: Mandanten, Namespaces, Rollen, Benutzer, LLM-Policies) - Add proxy routes for audit-llm and rbac to Go backend - Add Workshop, Portfolio, Roadmap proxy routes and frontends - Add LLM Audit + RBAC Admin to SDKSidebar Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@@ -12,17 +12,14 @@ import (
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/api/handlers"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/audit"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/config"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/dsgvo"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/llm"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/rbac"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/academy"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/incidents"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/roadmap"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/training"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/ucca"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/whistleblower"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/iace"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/vendor"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/workshop"
|
||||
"github.com/breakpilot/ai-compliance-sdk/internal/portfolio"
|
||||
"github.com/gin-contrib/cors"
|
||||
@@ -59,7 +56,6 @@ func main() {
|
||||
// Initialize stores
|
||||
rbacStore := rbac.NewStore(pool)
|
||||
auditStore := audit.NewStore(pool)
|
||||
dsgvoStore := dsgvo.NewStore(pool)
|
||||
uccaStore := ucca.NewStore(pool)
|
||||
escalationStore := ucca.NewEscalationStore(pool)
|
||||
corpusVersionStore := ucca.NewCorpusVersionStore(pool)
|
||||
@@ -68,8 +64,6 @@ func main() {
|
||||
portfolioStore := portfolio.NewStore(pool)
|
||||
academyStore := academy.NewStore(pool)
|
||||
whistleblowerStore := whistleblower.NewStore(pool)
|
||||
incidentStore := incidents.NewStore(pool)
|
||||
vendorStore := vendor.NewStore(pool)
|
||||
iaceStore := iace.NewStore(pool)
|
||||
trainingStore := training.NewStore(pool)
|
||||
|
||||
@@ -108,17 +102,13 @@ func main() {
|
||||
rbacHandlers := handlers.NewRBACHandlers(rbacStore, rbacService, policyEngine)
|
||||
llmHandlers := handlers.NewLLMHandlers(accessGate, providerRegistry, piiDetector, auditStore, trailBuilder)
|
||||
auditHandlers := handlers.NewAuditHandlers(auditStore, exporter)
|
||||
dsgvoHandlers := handlers.NewDSGVOHandlers(dsgvoStore)
|
||||
uccaHandlers := handlers.NewUCCAHandlers(uccaStore, escalationStore, providerRegistry)
|
||||
escalationHandlers := handlers.NewEscalationHandlers(escalationStore, uccaStore)
|
||||
roadmapHandlers := handlers.NewRoadmapHandlers(roadmapStore)
|
||||
workshopHandlers := handlers.NewWorkshopHandlers(workshopStore)
|
||||
portfolioHandlers := handlers.NewPortfolioHandlers(portfolioStore)
|
||||
draftingHandlers := handlers.NewDraftingHandlers(accessGate, providerRegistry, piiDetector, auditStore, trailBuilder)
|
||||
academyHandlers := handlers.NewAcademyHandlers(academyStore, trainingStore)
|
||||
whistleblowerHandlers := handlers.NewWhistleblowerHandlers(whistleblowerStore)
|
||||
incidentHandlers := handlers.NewIncidentHandlers(incidentStore)
|
||||
vendorHandlers := handlers.NewVendorHandlers(vendorStore)
|
||||
iaceHandler := handlers.NewIACEHandler(iaceStore)
|
||||
trainingHandlers := handlers.NewTrainingHandlers(trainingStore, contentGenerator)
|
||||
ragHandlers := handlers.NewRAGHandlers(corpusVersionStore)
|
||||
@@ -245,74 +235,6 @@ func main() {
|
||||
auditRoutes.GET("/export/compliance", auditHandlers.ExportComplianceReport)
|
||||
}
|
||||
|
||||
// DSGVO routes (Art. 30, 32, 35, 15-22 DSGVO)
|
||||
dsgvoRoutes := v1.Group("/dsgvo")
|
||||
{
|
||||
// Statistics
|
||||
dsgvoRoutes.GET("/stats", dsgvoHandlers.GetStats)
|
||||
|
||||
// DEPRECATED: VVT routes - frontend uses backend-compliance proxy instead
|
||||
// VVT - Verarbeitungsverzeichnis (Art. 30)
|
||||
vvt := dsgvoRoutes.Group("/processing-activities")
|
||||
{
|
||||
vvt.GET("", dsgvoHandlers.ListProcessingActivities)
|
||||
vvt.GET("/:id", dsgvoHandlers.GetProcessingActivity)
|
||||
vvt.POST("", dsgvoHandlers.CreateProcessingActivity)
|
||||
vvt.PUT("/:id", dsgvoHandlers.UpdateProcessingActivity)
|
||||
vvt.DELETE("/:id", dsgvoHandlers.DeleteProcessingActivity)
|
||||
}
|
||||
|
||||
// TOM - Technische und Organisatorische Maßnahmen (Art. 32)
|
||||
// DEPRECATED: TOM is now managed by backend-compliance (Python).
|
||||
// Use: GET/POST /api/compliance/tom/state, /tom/measures, /tom/stats, /tom/export
|
||||
tom := dsgvoRoutes.Group("/tom")
|
||||
{
|
||||
tom.GET("", dsgvoHandlers.ListTOMs)
|
||||
tom.GET("/:id", dsgvoHandlers.GetTOM)
|
||||
tom.POST("", dsgvoHandlers.CreateTOM)
|
||||
}
|
||||
|
||||
// DSR - Data Subject Requests / Betroffenenrechte (Art. 15-22)
|
||||
// DEPRECATED: DSR is now managed by backend-compliance (Python).
|
||||
// Use: GET/POST/PUT /api/compliance/dsr/* on backend-compliance:8002
|
||||
dsr := dsgvoRoutes.Group("/dsr")
|
||||
{
|
||||
dsr.GET("", dsgvoHandlers.ListDSRs)
|
||||
dsr.GET("/:id", dsgvoHandlers.GetDSR)
|
||||
dsr.POST("", dsgvoHandlers.CreateDSR)
|
||||
dsr.PUT("/:id", dsgvoHandlers.UpdateDSR)
|
||||
}
|
||||
|
||||
// Retention Policies - Löschfristen (Art. 17)
|
||||
retention := dsgvoRoutes.Group("/retention-policies")
|
||||
{
|
||||
retention.GET("", dsgvoHandlers.ListRetentionPolicies)
|
||||
retention.POST("", dsgvoHandlers.CreateRetentionPolicy)
|
||||
}
|
||||
|
||||
// DSFA - Datenschutz-Folgenabschätzung (Art. 35)
|
||||
// DEPRECATED: DSFA migrated to backend-compliance (Python/FastAPI).
|
||||
// Use backend-compliance /api/compliance/dsfa/* instead.
|
||||
dsfa := dsgvoRoutes.Group("/dsfa")
|
||||
{
|
||||
dsfa.GET("", dsgvoHandlers.ListDSFAs)
|
||||
dsfa.GET("/:id", dsgvoHandlers.GetDSFA)
|
||||
dsfa.POST("", dsgvoHandlers.CreateDSFA)
|
||||
dsfa.PUT("/:id", dsgvoHandlers.UpdateDSFA)
|
||||
dsfa.DELETE("/:id", dsgvoHandlers.DeleteDSFA)
|
||||
dsfa.GET("/:id/export", dsgvoHandlers.ExportDSFA)
|
||||
}
|
||||
|
||||
// Export routes
|
||||
exports := dsgvoRoutes.Group("/export")
|
||||
{
|
||||
exports.GET("/vvt", dsgvoHandlers.ExportVVT) // DEPRECATED: use backend-compliance /vvt/export?format=csv
|
||||
exports.GET("/tom", dsgvoHandlers.ExportTOM) // DEPRECATED: use backend-compliance /tom/export?format=csv
|
||||
exports.GET("/dsr", dsgvoHandlers.ExportDSR) // DEPRECATED: use backend-compliance /dsr/export?format=csv
|
||||
exports.GET("/retention", dsgvoHandlers.ExportRetentionPolicies)
|
||||
}
|
||||
}
|
||||
|
||||
// UCCA routes - Use-Case Compliance & Feasibility Advisor
|
||||
uccaRoutes := v1.Group("/ucca")
|
||||
{
|
||||
@@ -338,16 +260,7 @@ func main() {
|
||||
// Export
|
||||
uccaRoutes.GET("/export/:id", uccaHandlers.Export)
|
||||
|
||||
// Statistics
|
||||
uccaRoutes.GET("/stats", uccaHandlers.GetStats)
|
||||
|
||||
// Wizard routes - Legal Assistant integrated
|
||||
uccaRoutes.GET("/wizard/schema", uccaHandlers.GetWizardSchema)
|
||||
uccaRoutes.POST("/wizard/ask", uccaHandlers.AskWizardQuestion)
|
||||
|
||||
// DEPRECATED: UCCA Escalation management (E0-E3 workflow)
|
||||
// Frontend uses Python backend-compliance escalation_routes.py (/api/compliance/escalations).
|
||||
// These UCCA-specific routes remain for assessment-review workflows only.
|
||||
// Escalation management (assessment-review workflows)
|
||||
uccaRoutes.GET("/escalations", escalationHandlers.ListEscalations)
|
||||
uccaRoutes.GET("/escalations/stats", escalationHandlers.GetEscalationStats)
|
||||
uccaRoutes.GET("/escalations/:id", escalationHandlers.GetEscalation)
|
||||
@@ -356,10 +269,6 @@ func main() {
|
||||
uccaRoutes.POST("/escalations/:id/review", escalationHandlers.StartReview)
|
||||
uccaRoutes.POST("/escalations/:id/decide", escalationHandlers.DecideEscalation)
|
||||
|
||||
// DEPRECATED: DSB Pool management — see note above
|
||||
uccaRoutes.GET("/dsb-pool", escalationHandlers.ListDSBPool)
|
||||
uccaRoutes.POST("/dsb-pool", escalationHandlers.AddDSBPoolMember)
|
||||
|
||||
// Obligations framework (v2 with TOM mapping)
|
||||
obligationsHandlers.RegisterRoutes(uccaRoutes)
|
||||
}
|
||||
@@ -477,15 +386,6 @@ func main() {
|
||||
portfolioRoutes.POST("/compare", portfolioHandlers.ComparePortfolios)
|
||||
}
|
||||
|
||||
// Drafting Engine routes - Compliance Document Drafting & Validation
|
||||
draftingRoutes := v1.Group("/drafting")
|
||||
draftingRoutes.Use(rbacMiddleware.RequireLLMAccess())
|
||||
{
|
||||
draftingRoutes.POST("/draft", draftingHandlers.DraftDocument)
|
||||
draftingRoutes.POST("/validate", draftingHandlers.ValidateDocument)
|
||||
draftingRoutes.GET("/history", draftingHandlers.GetDraftHistory)
|
||||
}
|
||||
|
||||
// Academy routes - E-Learning / Compliance Training
|
||||
academyRoutes := v1.Group("/academy")
|
||||
{
|
||||
@@ -616,82 +516,6 @@ func main() {
|
||||
whistleblowerRoutes.GET("/stats", whistleblowerHandlers.GetStatistics)
|
||||
}
|
||||
|
||||
// DEPRECATED: Incidents routes — Python backend is now Source of Truth.
|
||||
// Frontend proxies to backend-compliance:8002/api/compliance/incidents/*
|
||||
// These Go routes remain registered but should not be extended.
|
||||
incidentRoutes := v1.Group("/incidents")
|
||||
{
|
||||
// Incident CRUD
|
||||
incidentRoutes.POST("", incidentHandlers.CreateIncident)
|
||||
incidentRoutes.GET("", incidentHandlers.ListIncidents)
|
||||
incidentRoutes.GET("/:id", incidentHandlers.GetIncident)
|
||||
incidentRoutes.PUT("/:id", incidentHandlers.UpdateIncident)
|
||||
incidentRoutes.DELETE("/:id", incidentHandlers.DeleteIncident)
|
||||
|
||||
// Risk Assessment
|
||||
incidentRoutes.POST("/:id/assess-risk", incidentHandlers.AssessRisk)
|
||||
|
||||
// Authority Notification (Art. 33)
|
||||
incidentRoutes.POST("/:id/notify-authority", incidentHandlers.SubmitAuthorityNotification)
|
||||
|
||||
// Data Subject Notification (Art. 34)
|
||||
incidentRoutes.POST("/:id/notify-subjects", incidentHandlers.NotifyDataSubjects)
|
||||
|
||||
// Measures
|
||||
incidentRoutes.POST("/:id/measures", incidentHandlers.AddMeasure)
|
||||
incidentRoutes.PUT("/:id/measures/:measureId", incidentHandlers.UpdateMeasure)
|
||||
incidentRoutes.POST("/:id/measures/:measureId/complete", incidentHandlers.CompleteMeasure)
|
||||
|
||||
// Timeline
|
||||
incidentRoutes.POST("/:id/timeline", incidentHandlers.AddTimelineEntry)
|
||||
|
||||
// Lifecycle
|
||||
incidentRoutes.POST("/:id/close", incidentHandlers.CloseIncident)
|
||||
|
||||
// Statistics
|
||||
incidentRoutes.GET("/stats", incidentHandlers.GetStatistics)
|
||||
}
|
||||
|
||||
// DEPRECATED: Vendor Compliance routes — Python backend is now Source of Truth.
|
||||
// Frontend proxies to backend-compliance:8002/api/compliance/vendor-compliance/*
|
||||
// These Go routes remain registered but should not be extended.
|
||||
vendorRoutes := v1.Group("/vendors")
|
||||
{
|
||||
// Vendor CRUD
|
||||
vendorRoutes.POST("", vendorHandlers.CreateVendor)
|
||||
vendorRoutes.GET("", vendorHandlers.ListVendors)
|
||||
vendorRoutes.GET("/:id", vendorHandlers.GetVendor)
|
||||
vendorRoutes.PUT("/:id", vendorHandlers.UpdateVendor)
|
||||
vendorRoutes.DELETE("/:id", vendorHandlers.DeleteVendor)
|
||||
|
||||
// Contracts (AVV/DPA)
|
||||
vendorRoutes.POST("/contracts", vendorHandlers.CreateContract)
|
||||
vendorRoutes.GET("/contracts", vendorHandlers.ListContracts)
|
||||
vendorRoutes.GET("/contracts/:id", vendorHandlers.GetContract)
|
||||
vendorRoutes.PUT("/contracts/:id", vendorHandlers.UpdateContract)
|
||||
vendorRoutes.DELETE("/contracts/:id", vendorHandlers.DeleteContract)
|
||||
|
||||
// Findings
|
||||
vendorRoutes.POST("/findings", vendorHandlers.CreateFinding)
|
||||
vendorRoutes.GET("/findings", vendorHandlers.ListFindings)
|
||||
vendorRoutes.GET("/findings/:id", vendorHandlers.GetFinding)
|
||||
vendorRoutes.PUT("/findings/:id", vendorHandlers.UpdateFinding)
|
||||
vendorRoutes.POST("/findings/:id/resolve", vendorHandlers.ResolveFinding)
|
||||
|
||||
// Control Instances
|
||||
vendorRoutes.POST("/controls", vendorHandlers.UpsertControlInstance)
|
||||
vendorRoutes.GET("/controls", vendorHandlers.ListControlInstances)
|
||||
|
||||
// Templates
|
||||
vendorRoutes.GET("/templates", vendorHandlers.ListTemplates)
|
||||
vendorRoutes.GET("/templates/:templateId", vendorHandlers.GetTemplate)
|
||||
vendorRoutes.POST("/templates", vendorHandlers.CreateTemplate)
|
||||
vendorRoutes.POST("/templates/:templateId/apply", vendorHandlers.ApplyTemplate)
|
||||
|
||||
// Statistics
|
||||
vendorRoutes.GET("/stats", vendorHandlers.GetStatistics)
|
||||
}
|
||||
|
||||
// IACE routes - Industrial AI Compliance Engine (CE-Risikobeurteilung SW/FW/KI)
|
||||
iaceRoutes := v1.Group("/iace")
|
||||
{
|
||||
|
||||
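Review bot: The `/ucca` group that survives this cleanup is declared as `uccaRoutes := v1.Group("/ucca")` and opens its block with no `Use(...)` call, so the state-changing routes it keeps (`POST /escalations/:id/review`, `POST /escalations/:id/decide`) show no route-level authorization anywhere in this section; the `/academy` and `/iace` groups open the same way. The only group-level check visible here, `draftingRoutes.Use(rbacMiddleware.RequireLLMAccess())`, sits in the `/drafting` block that, going by the hunk counts and the commit message, is among the deleted lines. Whether `v1` itself enforces authentication and RBAC cannot be told from these hunks, because `main` starts before the first hunk and continues past the last one. If it does, record that at the group, e.g. `// Authorization for /ucca is enforced by the middleware attached to v1 earlier in main`; if it does not, attach the permission check to `uccaRoutes` before the escalation routes are registered.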